diff --git a/authentik/root/settings.py b/authentik/root/settings.py
index 444734818..f2cc8049a 100644
--- a/authentik/root/settings.py
+++ b/authentik/root/settings.py
@@ -53,11 +53,11 @@ STATIC_ROOT = BASE_DIR + "/static"
 STATICFILES_DIRS = [BASE_DIR + "/web"]
 MEDIA_ROOT = BASE_DIR + "/media"
 
-SECRET_KEY = CONFIG.y(
-    "secret_key", "9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s"
-)  # noqa Debug
-
 DEBUG = CONFIG.y_bool("debug")
+SECRET_KEY = CONFIG.y("secret_key")
+if DEBUG:
+    SECRET_KEY = "9$@r!d^1^jrn#fk#1#@ks#9&i$^s#1)_13%$rwjrhd=e8jfi_s"  # noqa Debug # nosec
+
 INTERNAL_IPS = ["127.0.0.1"]
 ALLOWED_HOSTS = ["*"]
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
diff --git a/website/docs/outposts/proxy.mdx b/website/docs/outposts/proxy.mdx
index 1da39f4e7..08e04504a 100644
--- a/website/docs/outposts/proxy.mdx
+++ b/website/docs/outposts/proxy.mdx
@@ -43,8 +43,10 @@ import TabItem from '@theme/TabItem';
 ```
     location /akprox {
         proxy_pass http://*ip of your outpost*:4180;
-        proxy_set_header X-Forwarded-Host $http_host;
         error_page 401 = @akprox_signin;
+        proxy_set_header    X-Forwarded-Host $http_host;
+        auth_request_set    $auth_cookie $upstream_http_set_cookie;
+        add_header          Set-Cookie $auth_cookie;
     }
 
     location @akprox_signin {